weechat-3.6-1.el8

October 6, 2022

Read Time:33 Second

FEDORA-EPEL-2022-56709b917a

Packages in this update:

weechat-3.6-1.el8

Update description:

add command “/item” to create custom bar items
add bar item “spacer”
add case conversion in evaluation of expressions with “lower:string” and “upper:string”
move detailed list of hooks from command “/plugin listfull” to “/debug hooks “
allow to remove multiple filters at once with command “/filter del”
allow to catch multiple signals in functions hook_signal and hook_hsignal
rename option “save” to “apply” in IRC command “/autojoin”
add support of RPL_HELPSTART, RPL_HELPTXT and RPL_ENDOFHELP (IRC messages 524, 704, 705, 706)
add support of PHP 8.2
many bugs fixed.

Advisories

weechat-3.6-1.fc37

October 6, 2022

Read Time:33 Second

FEDORA-2022-88252e4f80

Packages in this update:

weechat-3.6-1.fc37

Update description:

Advisories

weechat-3.6-1.fc36

October 6, 2022

Read Time:33 Second

FEDORA-2022-b81c4781af

Packages in this update:

weechat-3.6-1.fc36

Update description:

Advisories

weechat-3.6-1.el9

October 6, 2022

Read Time:33 Second

FEDORA-EPEL-2022-1c6c522b07

Packages in this update:

weechat-3.6-1.el9

Update description:

Advisories

USN-5660-1: Linux kernel (GCP) vulnerabilities

October 6, 2022

Read Time:1 Minute, 12 Second

It was discovered that the framebuffer driver on the Linux kernel did not
verify size limits when changing font or screen size, leading to an out-of-
bounds write. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-33655)

Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation
in the Linux kernel did not provide sufficient randomization when
calculating port offsets. An attacker could possibly use this to expose
sensitive information. (CVE-2022-1012, CVE-2022-32296)

Norbert Slusarek discovered that a race condition existed in the perf
subsystem in the Linux kernel, resulting in a use-after-free vulnerability.
A privileged local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-1729)

It was discovered that the device-mapper verity (dm-verity) driver in the
Linux kernel did not properly verify targets being loaded into the device-
mapper table. A privileged attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2022-2503)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2022-36946)

Advisories

DSA-5249 strongswan – security update

October 6, 2022

Read Time:5 Second

Lahav Schlesinger discovered a vulnerability in the revocation plugin of
strongSwan, an IKE/IPsec suite.

Advisories

DSA-5250 dbus – security update

October 6, 2022

Read Time:7 Second

Evgeny Vereshchagin discovered multiple vulnerabilities in D-Bus, a
simple interprocess messaging system, which may result in denial of
service by an authenticated user.

Advisories

DSA-5251 isc-dhcp – security update

October 6, 2022

Read Time:4 Second

Several vulnerabilities have been discovered in the ISC DHCP client,
relay and server.

Cyber Security News

Daily Archives: October 6, 2022

weechat-3.6-1.el8

FEDORA-EPEL-2022-56709b917a

Packages in this update:

Update description:

weechat-3.6-1.fc37

FEDORA-2022-88252e4f80

Packages in this update:

Update description:

weechat-3.6-1.fc36

FEDORA-2022-b81c4781af

Packages in this update:

Update description:

weechat-3.6-1.el9

FEDORA-EPEL-2022-1c6c522b07

Packages in this update:

Update description:

USN-5660-1: Linux kernel (GCP) vulnerabilities

DSA-5249 strongswan – security update

DSA-5250 dbus – security update

DSA-5251 isc-dhcp – security update

News, Advisories and much more